• Home
  • Articles
  • Download Exam NSE5_FMG-7.0 Practice Test Questions with 100% Verified Answers [Q19-Q40]

Download Exam NSE5_FMG-7.0 Practice Test Questions with 100% Verified Answers [Q19-Q40]

Share

Download Exam NSE5_FMG-7.0 Practice Test Questions with 100% Verified Answers

Share Latest NSE5_FMG-7.0Test Practice Test Questions, Exam Dumps

NEW QUESTION # 19
What does a policy package status of Conflict indicate?

  • A. The policy package does not have a FortiGate as the installation target.
  • B. The policy package configuration has been changed on both FortiManager and the managed device independently.
  • C. The policy package reports inconsistencies and conflicts during a Policy Consistency Check.
  • D. The policy configuration has never been imported after a device was registered on FortiManager.

Answer: B


NEW QUESTION # 20
In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?

  • A. Secondary device with highest priority will automatically be promoted to the primary role, and manually
    reconfigure all other secondary devices to point to the new primary device
  • B. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.
  • C. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.
  • D. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.

Answer: D

Explanation:
FortiManager_6.4_Study_Guide-Online - page 346
FortiManager HA doesn't support IP takeover where an HA state transition is transparent to administrators. If a failure of the primary occurs, the administrator must take corrective action to resolve the problem that may include invoking the state transition. If the primary device fails, the administrator must do the following in order to return the FortiManager HA to a working state:
1. Manually reconfigure one of the secondary devices to become the primary device
2. Reconfigure all other secondary devices to point to the new primary device


NEW QUESTION # 21
Refer to the exhibit.

An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.
What is the purpose of this command?

  • A. It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.
  • B. It allows FortiGate to unset central management settings.
  • C. It allows FortiGate to reboot and restore a previously working firmware image.
  • D. It allows FortiGate to reboot and recover the previous configuration from its configuration file.

Answer: D


NEW QUESTION # 22
An administrator run the reload failure command: diagnose test deploymanager reload config
<deviceid> on FortiManager. What does this command do?

  • A. It installs the provisioning template configuration on the specified FortiGate.
  • B. It installs the latest configuration on the specified FortiGate and update the revision history database.
  • C. It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.
  • D. It compares and provides differences in configuration on FortiManager with the current running
    configuration of the specified FortiGate.

Answer: C


NEW QUESTION # 23
An administrator with the Super_User profile is unable to log in to FortiManager because of an authentication failure message.
Which troubleshooting step should you take to resolve the issue?

  • A. Make sure ADOMs are enabled and the administrator has access to the Global ADOM
  • B. Make sure the administrator IP address is part of the trusted hosts.
  • C. Make sure Offline Mode is disabled
  • D. Make sure FortiManager Access is enabled in the administrator profile

Answer: B

Explanation:
Even if a user entered the correct userid/password, the FMG denies access if a user is logging in from an untrusted source IP subnets.
Topic 1, Main Questions Pool B


NEW QUESTION # 24
View the following exhibit.

An administrator has created a firewall address object, Training, which is used in the Local-FortiGate policy package. When the install operation is performed, which IP Netmask will be installed on the Local-FortiGate, for the Training firewall address object?

  • A. It will create firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values
  • B. 192.168.0.1/24
  • C. 10.0.1.0/24
  • D. Local-FortiGate will automatically choose an IP Network based on its network interface settings.

Answer: C


NEW QUESTION # 25
View the following exhibit:

How will FortiManager try to get updates for antivirus and IPS?

  • A. From the default server fdsl.fortinet.com
  • B. From public FDNI server with highest index number only
  • C. From the list of configured override servers with ability to fall back to public FDN servers
  • D. From the configured override server list only

Answer: C


NEW QUESTION # 26
What does a policy package status of Modified indicate?

  • A. The policy package was never imported after a device was registered on FortiManager
  • B. FortiManager is unable to determine the policy package status
  • C. The Policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager
  • D. The Policy package configuration has been changed on FortiManager and changes have not yet been installed on the managed device.

Answer: D


NEW QUESTION # 27
What are two outcomes of ADOM revisions? (Choose two.)

  • A. ADOM revisions can create System Checkpoints for the FortiManager configuration
  • B. ADOM revisions can save the current state of all policy packages and objects for an ADOM
  • C. ADOM revisions can save the current size of the whole ADOM
  • D. ADOM revisions can significantly increase the size of the configuration backups.

Answer: B,D


NEW QUESTION # 28
When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

  • A. FortiGate will reject the CLI commands that will cause the tunnel to go down.
  • B. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.
  • C. FortiManager will revert and install a previous configuration revision on the managed FortiGate.
  • D. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.

Answer: C

Explanation:
The configuration change will break the fgfm connection, causing the FortiGate unit to attempt to reconnect for 900 seconds. If the FortiGate cannot reconnect, it will rollback to its previous configuration.


NEW QUESTION # 29
Which two statements regarding device management on FortiManager are true? (Choose two.)

  • A. FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.
  • B. FortiGate devices in HA cluster devices are counted as a single device.
  • C. FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.
  • D. The maximum number of managed devices for each ADOM is 500.

Answer: A,B


NEW QUESTION # 30
Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

  • A. The Security Fabric settings are part of the device level settings
  • B. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices
  • C. The Security Fabric license, group name and password are required for the FortiManager Security Fabric integration
  • D. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices

Answer: A,B


NEW QUESTION # 31
Which two settings must be configured for SD-WAN Central Management? (Choose two.)

  • A. When you configure an SD-WAN, you must specify at least two member interfaces.
  • B. SD-WAN must be enabled on per-ADOM basis
  • C. The first step in creating an SD-WAN using FortiManager is to create two SD-WAN firewall policies.
  • D. You can create multiple SD-WAN interfaces per VDOM

Answer: A,B


NEW QUESTION # 32
An administrator is in the process of moving the system template profile between ADOMs by running the following command:
execute improfile import-profile ADOM2 3547 /tmp/myfile
Where does the administrator import the file from?

  • A. ADOM2
  • B. ADOM2 object database
  • C. File system
  • D. ADOM1

Answer: A


NEW QUESTION # 33
What will happen if FortiAnalyzer features are enabled on FortiManager?

  • A. FortiManager will send the logging configuration to the managed devices so the managed devices will start sending logs to FortiManager
  • B. FortiManager will enable ADOMs automatically to collect logs from non-FortiGate devices
  • C. FortiManager can be used only as a logging device.
  • D. FortiManager will reboot

Answer: D


NEW QUESTION # 34
Refer to the exhibit.

Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?

  • A. FortiManager ignored the firewall service category General but created a new service category in its database.
  • B. FortiManager ignored the firewall service category general and deleted the duplicate value In Its database
  • C. FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.
  • D. FortiManager ignored the firewall service category General and did not update Its database with the value

Answer: C


NEW QUESTION # 35
View the following exhibit.

Which statement is true regarding this failed installation log?

  • A. Policy ID 2 will not be installed
  • B. Policy ID 2 is installed in disabled state
  • C. Policy ID 2 is installed without a source address
  • D. Policy ID 2 is installed without a source device

Answer: D


NEW QUESTION # 36
View the following exhibit.

If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)

  • A. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.
  • B. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.
  • C. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management.
  • D. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

Answer: A,B

Explanation:
Fortimanager can discover FortiGate through a NATed FortiGate IP address. If a FortiManager NATed IP address is configured on FortiGate, then FortiGate can announce itself to FortiManager. FortiManager will not attempt to re-establish the FGFM tunnel to the FortiGate NATed IP address, if the FGFM tunnel is interrupted. Just like it was in the NATed FortiManager scenario, the FortiManager NATed IP address in this scenario is not configured under FortiGate central management configuration.


NEW QUESTION # 37
An administrator run the reload failure command: diagnose test deploymanager reload config
<deviceid> on FortiManager. What does this command do?

  • A. It installs the provisioning template configuration on the specified FortiGate.
  • B. It installs the latest configuration on the specified FortiGate and update the revision history database.
  • C. It compares and provides differences in configuration on FortiManager with the current running configuration of the specified FortiGate.
  • D. It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.

Answer: D


NEW QUESTION # 38
View the following exhibit.

Which one of the following statements is true regarding the object named ALL?

  • A. FortiManager updated the object ALL using FortiGate's value in its database
  • B. FortiManager installed the object ALL with the updated value.
  • C. FortiManager updated the object ALL using FortiManager's value in its database
  • D. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.

Answer: A


NEW QUESTION # 39
Which of the following statements are true regarding reverting to previous revision version from the revision history? (Choose two.)

  • A. To push these changes to a managed device, it required an install operation to the managed FortiGate.
  • B. It will modify device-level database
  • C. Reverting to a previous revision history will generate a new version ID and remove all other history
  • D. Reverting to a previous revision history will tag the device settings status as Auto-Update.

Answer: A,B


NEW QUESTION # 40
......


Fortinet NSE5_FMG-7.0 certification exam is designed for individuals who want to demonstrate their expertise in managing and configuring Fortinet's FortiManager 7.0. Fortinet NSE 5 - FortiManager 7.0 certification is intended for networking professionals who are responsible for deploying and managing Fortinet security solutions in an enterprise environment.

 

Positive Aspects of Valid Dumps NSE5_FMG-7.0 Exam Dumps!: https://validtorrent.prep4pass.com/NSE5_FMG-7.0_exam-braindumps.html

Related Articles

more
Fortinet NSE5_FMG-7.0 Certification Practice Exam

Prep4pass is experienced IT certification exam prep provider with high passing rate, our accurate and valid exam preparation help candidates pass exam 100%.

Latest Exam Prep

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Prep4pass NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy